<?php

/*
=====================================================
 FluxBB - Delux Board Converstations (DBC)
-----------------------------------------------------
 http://dbc-forum.com/
 http://fluxbb.org/
-----------------------------------------------------
 Copyright (c) 2010,2011 FluxBB - Delux Board Conversations (DBC)
-----------------------------------------------------
 Предсловие: Данный скрипт (DBC) не является работой с нуля, то 
 есть ядром скрипта всё также остаётся FuxBB,но теперь в оболочке
 DBC.
=====================================================
*/

if (isset($_GET['action']))
	define('DBC_QUIET_VISIT', 1);

define('DBC_STATIC', 1);
define('DBC_ROOT', './');
require DBC_ROOT.'engine/common.php';


// Load the misc.php language file
require DBC_ROOT.'language/'.$DBC_user['language'].'/misc.php';

$action = isset($_GET['action']) ? $_GET['action'] : null;


if ($action == 'rules')
{
	if ($DBC_config['o_rules'] == '0' || ($DBC_user['is_guest'] && $DBC_user['g_read_board'] == '0' && $DBC_config['o_regs_allow'] == '0'))
		message($lang_common['Bad request']);

	// Load the register.php language file
	require DBC_ROOT.'language/'.$DBC_user['language'].'/register.php';

	$page_title = array(DBC_htmlspecialchars($DBC_config['o_board_title']), $lang_register['Forum rules']);
	define('DBC_ACTIVE_PAGE', 'rules');
	require DBC_ROOT.'engine/engine.php';

?>




<table width="100%" height="38" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="28" class="bg_forum_title_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_title_center"><span class="cat_title"><?php echo $lang_register['Forum rules'] ?></span></td>
<td align="center" width="28" class="bg_forum_title_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></table>



<table class="forum_adv_table"  width="100%" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" class="forum_adv_tleft" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" width="100%"><div class="forum_adv2">


<div id="rules" class="inform_oth">
		<div id="rules-block" class="inbox">
			<div class="usercontent"><?php echo $DBC_config['o_rules_message'] ?></div>
		</div>
</div>

</div></td>
<td align="left" class="forum_adv_tright" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
</td></tr></table>
<table width="100%" height="23" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="30" class="bg_forum_bott_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_bott_center"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="center" width="30" class="bg_forum_bott_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></thead></table>



<?php
	$footer_style = 'index';
	require DBC_ROOT.'engine/footer.php';
}
else if ($action == 'lang')
{
	$language = isset($_GET['lang']) ? DBC_trim(preg_replace('/[^a-zA-Z0-9_]/', '', $_GET['lang'])) : '0';
	if (!file_exists(DBC_ROOT.'language/'.$language.'/common.php'))
		message($lang_common['Bad request']);

	if ($DBC_user['is_guest'])
	{
		forum_setcookie('guest_language', $language, time()+ 31536000);
	}
	else
		$db->query('UPDATE '.$db->prefix.'users SET language="'.$db->escape($language).'" WHERE id='.$DBC_user['id']) or error('Unable to update profile', __FILE__, __LINE__, $db->error());

	$redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($DBC_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';
	redirect($redirect_url, $lang_misc['Lang changed']);
}

else if ($action == 'markread')
{
	if ($DBC_user['is_guest'])
		message($lang_common['No permission']);

	$db->query('UPDATE '.$db->prefix.'users SET last_visit='.$DBC_user['logged'].' WHERE id='.$DBC_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error());

	// Reset tracked topics
	set_tracked_topics(null);

	redirect('index.php', $lang_misc['Mark read redirect']);
}


// Mark the topics/posts in a forum as read?
else if ($action == 'markforumread')
{
	if ($DBC_user['is_guest'])
		message($lang_common['No permission']);

	$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
	if ($fid < 1)
		message($lang_common['Bad request']);

	$tracked_topics = get_tracked_topics();
	$tracked_topics['forums'][$fid] = time();
	set_tracked_topics($tracked_topics);

	redirect('viewforum.php?id='.$fid, $lang_misc['Mark forum read redirect']);
}


else if (isset($_GET['email']))
{
	if ($DBC_user['is_guest'] || $DBC_user['g_send_email'] == '0')
		message($lang_common['No permission']);

	$recipient_id = intval($_GET['email']);
	if ($recipient_id < 2)
		message($lang_common['Bad request']);

	$result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_common['Bad request']);

	list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result);

	if ($email_setting == 2 && !$DBC_user['is_admmod'])
		message($lang_misc['Form email disabled']);


	if (isset($_POST['form_sent']))
	{
		// Clean up message and subject from POST
		$subject = DBC_trim($_POST['req_subject']);
		$message = DBC_trim($_POST['req_message']);

		if ($subject == '')
			message($lang_misc['No email subject']);
		else if ($message == '')
			message($lang_misc['No email message']);
		else if (DBC_strlen($message) > DBC_MAX_POSTSIZE)
			message($lang_misc['Too long email message']);

		if ($DBC_user['last_email_sent'] != '' && (time() - $DBC_user['last_email_sent']) < $DBC_user['g_email_flood'] && (time() - $DBC_user['last_email_sent']) >= 0)
			message(sprintf($lang_misc['Email flood'], $DBC_user['g_email_flood']));

		// Load the "form email" template
		$mail_tpl = trim(file_get_contents(DBC_ROOT.'language/'.$DBC_user['language'].'/mail_templates/form_email.tpl'));

		// The first row contains the subject
		$first_crlf = strpos($mail_tpl, "\n");
		$mail_subject = DBC_trim(substr($mail_tpl, 8, $first_crlf-8));
		$mail_message = DBC_trim(substr($mail_tpl, $first_crlf));

		$mail_subject = str_replace('<mail_subject>', $subject, $mail_subject);
		$mail_message = str_replace('<sender>', $DBC_user['username'], $mail_message);
		$mail_message = str_replace('<board_title>', $DBC_config['o_board_title'], $mail_message);
		$mail_message = str_replace('<mail_message>', $message, $mail_message);
		$mail_message = str_replace('<board_mailer>', $DBC_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);

		require_once DBC_ROOT.'engine/email.php';

		DBC_mail($recipient_email, $mail_subject, $mail_message, $DBC_user['email'], $DBC_user['username']);

		$db->query('UPDATE '.$db->prefix.'users SET last_email_sent='.time().' WHERE id='.$DBC_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error());

		redirect(htmlspecialchars($_POST['redirect_url']), $lang_misc['Email sent redirect']);
	}


	// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the users profile after the email is sent)
	$redirect_url = (isset($_SERVER['HTTP_REFERER']) && preg_match('#^'.preg_quote($DBC_config['o_base_url']).'/(.*?)\.php#i', $_SERVER['HTTP_REFERER'])) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php';

	$page_title = array(DBC_htmlspecialchars($DBC_config['o_board_title']), $lang_misc['Send email to'].' '.DBC_htmlspecialchars($recipient));
	$required_fields = array('req_subject' => $lang_misc['Email subject'], 'req_message' => $lang_misc['Email message']);
	$focus_element = array('email', 'req_subject');
	define('DBC_ACTIVE_PAGE', 'index');
	require DBC_ROOT.'engine/engine.php';

?>
<div id="emailform" class="blockform">

<table width="100%" height="38" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="28" class="bg_forum_title_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_title_center"><span class="cat_title"><?php echo $lang_misc['Send email to'] ?> <?php echo DBC_htmlspecialchars($recipient) ?></span></td>
<td align="center" width="28" class="bg_forum_title_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></table>

<table class="forum_adv_table"  width="100%" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" class="forum_adv_tleft" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" width="100%"><div class="forum_adv_c">
		<form id="email" method="post" action="misc.php?email=<?php echo $recipient_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
			<div class="inform">
					<div class="login_info"><?php echo $lang_misc['Write email'] ?></div>
					<div class="infldset txtarea">
						<input type="hidden" name="form_sent" value="1" />
						<input type="hidden" name="redirect_url" value="<?php echo $redirect_url ?>" />
						<label class="required"><strong><?php echo $lang_misc['Email subject'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
						<input class="input_text" type="text" name="req_subject" size="75" maxlength="70" tabindex="1" /><br /></label>
						<label class="required"><strong><?php echo $lang_misc['Email message'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
						<textarea name="req_message" class="input_text" rows="10" cols="75" tabindex="2"></textarea><br /></label>
						<p><?php echo $lang_misc['Email disclosure note'] ?></p>
					</div>
			</div>
			<p class="buttons"><input type="submit" class="fbutton" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="3" accesskey="s" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>
<br/>
</div></td>
<td align="left" class="forum_adv_tright" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
</td></tr></table>
<table width="100%" height="23" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="30" class="bg_forum_bott_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_bott_center"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="center" width="30" class="bg_forum_bott_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></thead></table>
</div>
<?php
	$footer_style = 'index';
	require DBC_ROOT.'engine/footer.php';
}


else if (isset($_GET['report']))
{
	if ($DBC_user['is_guest'])
		message($lang_common['No permission']);

	$post_id = intval($_GET['report']);
	if ($post_id < 1)
		message($lang_common['Bad request']);

	if (isset($_POST['form_sent']))
	{
		// Clean up reason from POST
		$reason = DBC_linebreaks(DBC_trim($_POST['req_reason']));
		if ($reason == '')
			message($lang_misc['No reason']);
		else if (strlen($reason) > 65535) // TEXT field can only hold 65535 bytes
			message($lang_misc['Reason too long']);

		if ($DBC_user['last_email_sent'] != '' && (time() - $DBC_user['last_email_sent']) < $DBC_user['g_email_flood'] && (time() - $DBC_user['last_email_sent']) >= 0)
			message(sprintf($lang_misc['Report flood'], $DBC_user['g_email_flood']));

		// Get the topic ID
		$result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
		if (!$db->num_rows($result))
			message($lang_common['Bad request']);

		$topic_id = $db->result($result);

		// Get the subject and forum ID
		$result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
		if (!$db->num_rows($result))
			message($lang_common['Bad request']);

		list($subject, $forum_id) = $db->fetch_row($result);

		// Should we use the internal report handling?
		if ($DBC_config['o_report_method'] == '0' || $DBC_config['o_report_method'] == '2')
			$db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$DBC_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error());

		// Should we email the report?
		if ($DBC_config['o_report_method'] == '1' || $DBC_config['o_report_method'] == '2')
		{
			// We send it to the complete mailing-list in one swoop
			if ($DBC_config['o_mailing_list'] != '')
			{
				$mail_subject = sprintf($lang_common['Report notification'], $forum_id, $subject);
				$mail_message = sprintf($lang_common['Report message 1'], $DBC_user['username'], $DBC_config['o_base_url'].'/topics_'.$post_id.'#p'.$post_id)."\n";
				$mail_message .= sprintf($lang_common['Report message 2'], $reason)."\n";
				$mail_message .= "\n".'--'."\n".$lang_common['Email signature'];

				require DBC_ROOT.'engine/email.php';

				DBC_mail($DBC_config['o_mailing_list'], $mail_subject, $mail_message);
			}
		}

		$db->query('UPDATE '.$db->prefix.'users SET last_email_sent='.time().' WHERE id='.$DBC_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error());

		redirect('topics_'.$post_id.'#p'.$post_id, $lang_misc['Report redirect']);
	}

	// Fetch some info about the post, the topic and the forum
	$result = $db->query('SELECT f.id AS fid, f.forum_name, t.id AS tid, t.subject FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$DBC_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_common['Bad request']);

	$cur_post = $db->fetch_assoc($result);

	if ($DBC_config['o_censoring'] == '1')
		$cur_post['subject'] = censor_words($cur_post['subject']);

	$page_title = array(DBC_htmlspecialchars($DBC_config['o_board_title']), $lang_misc['Report post']);
	$required_fields = array('req_reason' => $lang_misc['Reason']);
	$focus_element = array('report', 'req_reason');
	define('DBC_STATIC', 1);
	define('DBC_ACTIVE_PAGE', 'index');
	require DBC_ROOT.'engine/engine.php';

?>

<div id="sec_nav_con"><div id="sec_nav_left"><div id="sec_nav_right"><div id="secondary_nav">
<ul id="breadcrumb" class="left">
<li class="first"><a href="index.php"><?php echo $lang_common['Index'] ?></a></li>
<li><span>»&#160;</span><a href="viewforum.php?id=<?php echo $cur_post['fid'] ?>"><?php echo DBC_htmlspecialchars($cur_post['forum_name']) ?></a></li>
<li><span>»&#160;</span><a href="topic_<?php echo $post_id ?>#p<?php echo $post_id ?>"><?php echo DBC_htmlspecialchars($cur_post['subject']) ?></a></li>
<li><span>»&#160;</span><strong><?php echo $lang_misc['Report post'] ?></strong></li>
</ul>
<ul id="section_links" class="right"></ul><br class="clear">
</div></div></div></div><br/>

<div id="reportform" class="blockform">


<table width="100%" height="38" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="28" class="bg_forum_title_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_title_center"><span class="cat_title"><?php echo $lang_misc['Report post'] ?></span></td>
<td align="center" width="28" class="bg_forum_title_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></table>

<table class="forum_adv_table"  width="100%" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" class="forum_adv_tleft" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" width="100%"><div class="forum_adv_c">

		<form id="report" method="post" action="misc.php?report=<?php echo $post_id ?>" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">
			<div class="inform">
					<div class="login_info"><?php echo $lang_misc['Reason desc'] ?></div>
					<div class="infldset txtarea">
						<input type="hidden" name="form_sent" value="1" />
						<label class="required"><strong><?php echo $lang_misc['Reason'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><textarea class="input_text" name="req_reason" rows="5" cols="60"></textarea><br /></label>
					</div>
			</div>
			<p class="buttons"><input type="submit" class="fbutton" name="submit" value="<?php echo $lang_common['Submit'] ?>" accesskey="s" /> <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
		</form>

<br/>
</div></td>
<td align="left" class="forum_adv_tright" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
</td></tr></table>
<table width="100%" height="23" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="30" class="bg_forum_bott_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_bott_center"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="center" width="30" class="bg_forum_bott_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></thead></table>


</div>
<?php
	$footer_style = 'index';
	require DBC_ROOT.'engine/footer.php';
}


else if (isset($_GET['subscribe']))
{
	if ($DBC_user['is_guest'] || $DBC_config['o_subscriptions'] != '1')
		message($lang_common['No permission']);

	$topic_id = intval($_GET['subscribe']);
	if ($topic_id < 1)
		message($lang_common['Bad request']);

	// Make sure the user can view the topic
	$result = $db->query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$DBC_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_common['Bad request']);

	$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$DBC_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
	if ($db->num_rows($result))
		message($lang_misc['Already subscribed']);

	$db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$DBC_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());

	redirect('topic_'.$topic_id, $lang_misc['Subscribe redirect']);
}


else if (isset($_GET['unsubscribe']))
{
	if ($DBC_user['is_guest'] || $DBC_config['o_subscriptions'] != '1')
		message($lang_common['No permission']);

	$topic_id = intval($_GET['unsubscribe']);
	if ($topic_id < 1)
		message($lang_common['Bad request']);

	$result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$DBC_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_misc['Not subscribed']);

	$db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$DBC_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error());

	redirect('topic_'.$topic_id, $lang_misc['Unsubscribe redirect']);
}


else
	message($lang_common['Bad request']);
